Vulnerability Report Archives • Page 27 of 87 • Daily CyberSecurity

PolyShell Alert: Critical Magento REST API Vulnerability Faces Massive Global Exploitation in the Wild PolyShell Magento RCE Magento PolyShell REST API RCE CosmicSting (CVE-2024-34102) Magento Security Updates

PolyShell Alert: Critical Magento REST API Vulnerability Faces Massive Global Exploitation in the Wild

Do Son March 24, 2026

A critical security flaw in the Magento REST API is currently being weaponized by cybercriminals to hijack...

Bridge or Backdoor? Critical 9.8 RCE Flaw Threatens Helmholz Industrial Networks Helmholz myREX24V2 Industrial RCE

Bridge or Backdoor? Critical 9.8 RCE Flaw Threatens Helmholz Industrial Networks

Do Son March 24, 2026

Industrial connectivity specialist Helmholz GmbH & Co. KG has issued an urgent security advisory regarding multiple vulnerabilities...

Master Keys and Open Backdoors: TP-Link Issues Urgent Patch for Archer NX-Series Routers

Do Son March 24, 2026

In a major security alert, TP-Link has released a series of critical firmware updates to patch several...

High-Severity Spring Cloud Config Flaw Triggers File Leaks and SSRF Spring Data vulnerabilities Spring Cloud Config CVE-2026-22739 Spring Gateway SpEL, STOMP WebSocket CSRF Spring Security, vulnerability CVE-2024-38819 CVE-2025-41243 Spring Cloud Gateway, vulnerability

Spring Data vulnerabilities Spring Cloud Config CVE-2026-22739 Spring Gateway SpEL, STOMP WebSocket CSRF Spring Security, vulnerability CVE-2024-38819 CVE-2025-41243 Spring Cloud Gateway, vulnerability

High-Severity Spring Cloud Config Flaw Triggers File Leaks and SSRF

Do Son March 24, 2026

A significant security flaw has been identified in Spring Cloud Config, a popular framework used to provide...

8 High-Severity Risks Fixed: Chrome Desktop Update Fixes Critical Memory and Buffer Flaws Chrome Security Update High-Severity Flaws

8 High-Severity Risks Fixed: Chrome Desktop Update Fixes Critical Memory and Buffer Flaws

Do Son March 24, 2026

In a significant move to bolster user safety, a new Chrome Stable Channel Update has been launched...

Memory Leaks and Mixed Sessions: NetScaler’s Critical 9.3 CVSS Flaw Demands Immediate Action NetScaler Vulnerability CVE-2026-3055 Citrix VDA, Privilege Escalation NetScaler Vulnerabilities, Access Bypass CVE-2024-8534 and CVE-2024-8535

NetScaler Vulnerability CVE-2026-3055 Citrix VDA, Privilege Escalation NetScaler Vulnerabilities, Access Bypass CVE-2024-8534 and CVE-2024-8535

Memory Leaks and Mixed Sessions: NetScaler’s Critical 9.3 CVSS Flaw Demands Immediate Action

Do Son March 24, 2026

On March 23, 2026, Cloud Software Group released a high-priority security bulletin addressing two vulnerabilities in NetScaler...

Critical 9.1 CVSS Flaws Threaten Total Wazuh Cluster Takeover Wazuh Vulnerability Security Cluster RCE

Critical 9.1 CVSS Flaws Threaten Total Wazuh Cluster Takeover

Do Son March 24, 2026

Wazuh, the popular open-source security platform trusted by organizations to protect cloud and on-premises workloads, is facing...

One Character to Rule Them All: How a Missing Slash Bypasses gRPC-Go Security (CVE-2026-33186) gRPC-Go Vulnerability Authorization Bypass

One Character to Rule Them All: How a Missing Slash Bypasses gRPC-Go Security (CVE-2026-33186)

Do Son March 23, 2026

A significant security flaw has been identified in gRPC-Go, the high-performance Go implementation of the gRPC framework....

Roundcube Webmail Hits Critical Update: New Security Fixes Target Hidden Vulnerabilities Roundcube Webmail security updates Roundcube Webmail Security Roundcube 1.6.14 Update

Roundcube Webmail security updates Roundcube Webmail Security Roundcube 1.6.14 Update

Roundcube Webmail Hits Critical Update: New Security Fixes Target Hidden Vulnerabilities

Do Son March 23, 2026

Roundcube Webmail has released a high-priority security update, version 1.6.14, aimed at patching several significant vulnerabilities that...

The Undocumented Backdoor: Critical 10.0 CVSS Flaw Hits WAGO Managed Switches

Do Son March 23, 2026

A severe vulnerability has been uncovered in several models of WAGO Managed Switches, potentially leaving industrial networks...

Unmasking DarkSword: GTIG Exposes Full-Chain iOS Exploit Used by Global Spies DarkSword Exploit iOS Zero-Day

Unmasking DarkSword: GTIG Exposes Full-Chain iOS Exploit Used by Global Spies

Do Son March 22, 2026

In a comprehensive technical disclosure, the Google Threat Intelligence Group (GTIG) has revealed the existence of a...

Disconnect Immediately: Rockwell Automation Issues Urgent Warning for Industrial Controllers

Do Son March 22, 2026

In a proactive move aimed at securing critical infrastructure, Rockwell Automation has issued a high-priority “Important Notice”...

Below the EDR: How Unsecured IP-KVM Switches Grant Total System Takeover IP-KVM Vulnerabilities Hardware Security

Below the EDR: How Unsecured IP-KVM Switches Grant Total System Takeover

Do Son March 22, 2026

Security researchers Reynaldo Vasquez Garcia and Paul Asadoorian from Eclypsium have issued a warning regarding a category...

Active Exploits: CISA Adds Critical Craft CMS and Apple ‘DarkSword’ Flaws to KEV CISA KEV Catalog DarkSword Exploit Draytek Routers VMware vCenter RCE CVE-2024-37079

CISA KEV Catalog DarkSword Exploit Draytek Routers VMware vCenter RCE CVE-2024-37079

Active Exploits: CISA Adds Critical Craft CMS and Apple ‘DarkSword’ Flaws to KEV

Do Son March 21, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalog, adding five...

Critical 9.3 CVSS Flaws Uncovered in Netwrix Password Secure Netwrix Vulnerability Password Secure

Critical 9.3 CVSS Flaws Uncovered in Netwrix Password Secure

Do Son March 21, 2026

Netwrix has issued an urgent security advisory following an internal review that uncovered multiple high-severity vulnerabilities in...

Critical 9.3 CVSS Flaw in QNAP QVR Pro Exposes Surveillance Systems QNAP QVR Pro Vulnerability CVE-2026-22898 CVE-2022-27595 - CVE-2024-48860 & CVE-2024-48861

QNAP QVR Pro Vulnerability CVE-2026-22898 CVE-2022-27595 - CVE-2024-48860 & CVE-2024-48861

Critical 9.3 CVSS Flaw in QNAP QVR Pro Exposes Surveillance Systems

Do Son March 21, 2026

QNAP Systems, Inc. has issued a critical security advisory for users of its QVR Pro surveillance solution....

Critical 9.8 CVSS Flaw Exposes Oracle Identity Manager to Total Takeover IRGC Oracle Cloud Dubai strike Oracle global layoffs 2026 Oracle Fusion Middleware Vulnerability CVE-2026-21992 Oracle Edge Cloud Vulnerability CVE-2026-21994 Oracle Critical RCE, EBS Marketing Flaws CVE-2024-21182 PoC Exploit Oracle EBS Auth Bypass, CVE-2025-61884

IRGC Oracle Cloud Dubai strike Oracle global layoffs 2026 Oracle Fusion Middleware Vulnerability CVE-2026-21992 Oracle Edge Cloud Vulnerability CVE-2026-21994 Oracle Critical RCE, EBS Marketing Flaws CVE-2024-21182 PoC Exploit Oracle EBS Auth Bypass, CVE-2025-61884

Critical 9.8 CVSS Flaw Exposes Oracle Identity Manager to Total Takeover

Do Son March 21, 2026

Oracle has issued an urgent security alert following the discovery of a “Critical” rated vulnerability impacting its...

PoC Exploit Publicly Disclosed: Apple Deploys First-Ever Background Security Patch for Cross-Origin Flaw Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

PoC Exploit Publicly Disclosed: Apple Deploys First-Ever Background Security Patch for Cross-Origin Flaw

Do Son March 21, 2026

Apple has broken new ground in its defensive strategy, utilizing a “Background Security Improvements” feature to deliver...

Two High-Severity Spring Boot Flaws Expose Actuator Endpoints Spring Cloud Config Vulnerability CVE-2026-40982 Spring Boot Vulnerability CVSS 9.1 Bypass CVE-2022-31692 Spring Boot Vulnerability Authentication Bypass